A colleague of mine pointed me out to Lynis, a system’s configuration audit tool which checks the hardening of any running UNIX or UNIX-like system, including the BSDs. This tool has a built in check list and a set of sane and safe configurations and compares them to the target system. As output we find […]
Lynis or how to quickly audit your system’s security configuration
How to install WordPress on Debian 9 (LAMP stack)
In this guide we’ll see how to install a simple, clean, new WordPress site. In order to run this site we’ll have to have a LAMP (or FAMP if you prefer FreeBSD over Linux) stack in place. Read the correspondent guides in order to get the necessary software layers all together, rightly configured. If you […]
A brief introduction to SSL/TLS certificates
SSL stands for Secure Sockets Layer and it an old implementation of a crytographic protocol. TLS, or Transport Layer Security, is a new one. They are both used to have privacy in the communications between different parties. They are used to secure email, web browsing, instant messaging, etc These protocols work in a complex way […]
Microsoft’s Patch Tuesday – April 2020
For the first time here at adminbyaccident.com I will share some information about Windows patching that I hope can shed some light and help people on deciding what to patch and how quickly to patch. Digesting Microsoft’s Patch Tuesday releases is always tricky. The amount of information is overwhelming and since almost every company on […]
How to install AWStats on FreeBSD 13.0
AWStats is a very powerful and useful software allowing webmasters count the visits to their managed websites. The tool is basically coded in Perl and it was a very popular choice before Google made it way easy when they launched their Google Analytics tool. However, nowadays not everyone is using Google Analytics services and even […]
How to load and unload kernel modules in Linux
Kernel modules permit enabling hardware features on a given system. For example, if we need to read from a particular filesystem from a hard drive, we need to load a particular kernel module. Or use a specific network card, a sound card or sound device, a video display, etc. This is mostly done automatically in […]
What is Expect?
Expect is a handy scripting tool for task automation. You may have never heard of it. I heard about many scripting things before. But one day I needed something simple but didn’t know how to proceed, what would be a good tool for my purpose. The task was simple. Exporting a website content from a […]
Exploiting CVE-2019-0708 Remote Desktop Protocol on Windows
The CVE-2019-0708 is the number assigned to a very dangerous vulnerability found in the RDP protocol in Windows sytems. This is also known as the ‘Blue Keep’ vulnerability. The issue was so critical that Microsoft did even release patches to unsupported operating systems such as Windows XP or Server 2003. To this day there are […]
List of Speculative Execution Vulnerabilities
Vulnerability CVE Exploit name Public vulnerability name Firmware changes Spectre 2017-5753 Variant 1 Bounds Check Bypass (BCB) No Spectre 2017-5715 Variant 2 Branch Target Injection (BTI) Yes Meltdown 2017-5754 Variant 3 Rogue Data Cache Load (RDCL) No Spectre-NG 2018-3640 Variant 3a Rogue System Register Read (RSRE) Yes Spectre-NG 2018-3639 Variant 4 Speculative Store Bypass (SSB) […]
How to analyze suspicious email
Millions of emails are sent and received every day. Most of them are just junk. And many among those are potentially harmful. Phishing still is one of the most effective ways for malicious actors to penetrate into well secured networks. The weakest link, too often, is the human factor. Training can help mitigate this 24×7 […]